Default behaviour of IP Options processing

Maxim Konovalov maxim at macomnet.ru
Thu May 6 15:29:12 PDT 2004


On Thu, 6 May 2004, 21:16+0200, Andre Oppermann wrote:

> I have just committed the attached change to ip_input() to control the
> behaviour of IP Options processing.  The default is the unchanged
> current behaviour.
>
> However I want to propose to change the default from processing options
> to ignoring options (or even stronger to reject them).
>
> The rationale is as follows.  IP Options do not have any legitimate use
> in today's Internet at all.  For a long time now we have disabled source
> routing.  The remaining IP Options are RR (record route) and TS (time
> stamp) which are both useless.  For finding out which path a packet takes
> we use traceroute instead of RR.  Besides that RR is limited to the space
> in the IP Options field and can possibly record only a few hops (9 IIRC).
> Time stamp is useless for the same reason and since it doesn't have a
> fixed and synchronized timebase it is even more so useless.
>
> Opinions?  Discussion?  Yes/Nay?

We are using the RR option all the time to track down routing asymmetry
and traceroute is not an option; ping -R is very useful in those cases.
We all know that ipfw (and I am sure all other *pf*) is able to
process ip opts quite well and I personally see no point in these
sysctls.  I fail to see a documentation update (inet.4 ?) as well.

It is not clear to me why you ever ask for opinions after commit, not
before.  Strict "nay" if you care :-)

-- 
Maxim Konovalov


More information about the freebsd-current mailing list